Employment seniority, size of employer and regional differences in cyber awareness levels were contributing factors to the data trends

In an October 2023 survey of 1,714 respondents* across America, Australia and New Zealand (ANZ), Europe (EU), Asia, Middle East & Africa (MEA) and South America (SA) to determine their awareness levels and preparedness regarding various email security threats, 400 were from the Philippines, Malaysia, Singapore, Thailand and Vietnam.

Collectively, the 400 respondents from parts of South-east Asia (SEA) scored 43.2% on email security awareness compared to those of the Middle East and Africa (40.7%) and South America (39.9%).

Other findings from the data were also disclosed:

  • Respondents from the SEA group’s small- and medium-sized enterprises (SMEs) scored 40% on email security awareness, compared to 51.1% of respondents from large firms in the same region. This contrasts against awareness levels of North America respondents (61.6%), Australia/New Zealand (57%), and Europe (EU) (54%). SEA SME respondents did score better against those from the Middle East (39.7%) and South America (39.2%).
  • In the SEA group, senior-level employees (11–20 years of experience) scored 54% in email security awareness, lower than those from North America (12%), the ANZ group (9%) and the EU (6%) respectively. The SEA group did better than those of the MEA region (by 18%) and South America (by 16%) respectively.
  • SEA respondents with more than 20 years of experience fared less well at 45%, which was also behind respondents from NA, ANZ, EU by 20%, 15%, and 11% respectively, and behind India, MEA, SA respondents by 4%, 10%, and 5% respectively.
  • New entrants into the SEA group workforce had a 30% awareness level, behind NA, ANZ, EU by 20%, 18%, and 15% respectively, but at similar levels to those respondents who were fresh workers from India and MEA groups.
  • In the SEA group, the awareness gap between fresh entrants and senior-level employees was 24.6%.

Email security awareness by Industry

Group by industry, respondents from technology and education performed best, while those in manufacturing, healthcare, and government fared the worst. Those from the retail and finance sectors exhibited moderate awareness levels. For the worst performing groups by industry:

Those in the healthcare sector were most vulnerable to email “attachments and phishing” at a 34% awareness level. Awareness regarding “email identity verification” was “lacking entirely”.

Those from the government sectors had significant awareness gaps in “email identity verification” (29%) and “web content and URL safety” (34%).

Respondents from the manufacturing industry had the lowest awareness level in “web content and URL Safety” and “data protection in file sharing” at 27% and 29%, respectively.

The firm that conducted the survey was Zoho Workplace.

*Comprising 1,714 users of the firm’s business apps, of which 282 were employees of the firm conducting the survey.